"This thesis develops and presents a secure Git implementation, Git Virtual Vault (GV2), for users of Git to work on sensitive projects with repositories located in unsecure distributed environments, such as in cloud computing. This scenario is common within the Department of Defense, as much work is of a sensitive nature."

Coming up with better metaphors for how PGP signing and encryption works, and then *actually evaluating how effective they are with users*. The short answer: key/lock, seal/imprint. And tell a story about them.